safety instrumented systems: can they be integrated but separate
safety instrumented systems: can they be integrated but separate safety instrumented systems: can they be integrated but separate
Each logic solver contains a redundant set of CPUs, which handle all processingfor the SIS system. The I/O for the SIS is integrated into the Logic Solver. Noexternal I/O cards are used. Logic solvers can communicate with one anotherover a peer-to-peer SIS ring network. The SIS network is not accessible by anycomponents of the BPCS. The BPCS controllers receive information from thelogic solvers via a different bus to allow SIS information to be viewed by plantoperators. The BPCS controllers are also used to write configuration changes tothe SIS logic solvers when security allows. No SIS configuration is run in theBPCS controller.At first glance this may seem to violate some basic principles of separation butit’s believed that these issues can be discussed while at the same time thetremendous benefits that become available can be explained.For this totally integrated system it makes sense to look at what is the same,what is different, and then what is improved.As was mentioned previously, the only new component being discussed is a newlogic solver and therefore all the field components including sensors, wiring, andcontrol elements are separate and can be identical for all SIS systemimplementations. Within the SIS system the following is separate from the BPCSsystem:- Logic processors and Terminal Blocks- I/O cards- Power- Communications- Operating System in the Logic SolverIt is possible to mount both BPCS modules and SIS logic solver modules on thesame backplane and meet IEC standards for SIL 3. This feature is probably themost difficult to grasp and in many applications these modules are installed onseparate backplane carriers and sometimes in separate cabinets to provide for aphysical separation to mitigate human error during maintenance and operation.The new (scaleable) logic solvers have a capacity of 16 configurable I/O and canbe configured on an individual basis to closely match the SIF functions beingprotected. This is very different both in physical layout and configuration ascompared to the historical SIS approach.Separation is great for safety but not so great for engineering, operations, andmaintenance. From an operational and maintenance point of view it is importantto understand what is happening in the opposite system and present thatinformation to the operations and maintenance staff in a single and cohesivemanner.
- Page 1: SAFETY INSTRUMENTED SYSTEMS: CAN TH
- Page 6 and 7: This evolutionary system is really
- Page 8 and 9: e reduced because of the common eng
Each logic solver contains a redundant set of CPUs, which handle all processingfor the SIS system. The I/O for the SIS is <strong>integrated</strong> into the Logic Solver. Noexternal I/O cards are used. Logic solvers <strong>can</strong> communicate with one anotherover a peer-to-peer SIS ring network. The SIS network is not accessible by anycomponents of the BPCS. The BPCS controllers receive information from thelogic solvers via a different bus to allow SIS information to <strong>be</strong> viewed by plantoperators. The BPCS controllers are also used to write configuration changes tothe SIS logic solvers when security allows. No SIS configuration is run in theBPCS controller.At first glance this may seem to violate some basic principles of separation <strong>but</strong>it’s <strong>be</strong>lieved that these issues <strong>can</strong> <strong>be</strong> discussed while at the same time thetremendous <strong>be</strong>nefits that <strong>be</strong>come available <strong>can</strong> <strong>be</strong> explained.For this totally <strong>integrated</strong> system it makes sense to look at what is the same,what is different, and then what is improved.As was mentioned previously, the only new component <strong>be</strong>ing discussed is a newlogic solver and therefore all the field components including sensors, wiring, andcontrol elements are <strong>separate</strong> and <strong>can</strong> <strong>be</strong> identical for all SIS systemimplementations. Within the SIS system the following is <strong>separate</strong> from the BPCSsystem:- Logic processors and Terminal Blocks- I/O cards- Power- Communications- Operating System in the Logic SolverIt is possible to mount both BPCS modules and SIS logic solver modules on thesame backplane and meet IEC standards for SIL 3. This feature is probably themost difficult to grasp and in many applications these modules are installed on<strong>separate</strong> backplane carriers and sometimes in <strong>separate</strong> cabinets to provide for aphysical separation to mitigate human error during maintenance and operation.The new (scaleable) logic solvers have a capacity of 16 configurable I/O and <strong>can</strong><strong>be</strong> configured on an individual basis to closely match the SIF functions <strong>be</strong>ingprotected. This is very different both in physical layout and configuration ascompared to the historical SIS approach.Separation is great for <strong>safety</strong> <strong>but</strong> not so great for engineering, operations, andmaintenance. From an operational and maintenance point of view it is importantto understand what is happening in the opposite system and present thatinformation to the operations and maintenance staff in a single and cohesivemanner.
Change language